Examples with AllowedAddressPairs org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.AllowedAddressPairs used on opensource projects

Example 21 with AllowedAddressPairs

use of org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.AllowedAddressPairs in project netvirt by opendaylight.

the class AbstractAclServiceImpl method programRemoteAclTable.

private void programRemoteAclTable(String aclName, Set<Uuid> remoteAclIds, Set<BigInteger> dpns, int addOrRemove) {
    for (Uuid remoteAclId : remoteAclIds) {
        Collection<AclInterface> remoteAclInterfaces = aclDataUtil.getInterfaceList(remoteAclId);
        if (remoteAclInterfaces == null || remoteAclInterfaces.isEmpty()) {
            continue;
        }
        Set<AllowedAddressPairs> aaps = remoteAclInterfaces.stream().map(port -> port.getAllowedAddressPairs()).flatMap(List::stream).filter(aap -> AclServiceUtils.isNotIpAllNetwork(aap)).collect(Collectors.toSet());
        Integer aclTag = aclServiceUtils.getAclTag(remoteAclId);
        if (addOrRemove == NwConstants.ADD_FLOW) {
            for (BigInteger dpn : dpns) {
                for (AllowedAddressPairs aap : aaps) {
                    programRemoteAclTableFlow(dpn, aclTag, aap, addOrRemove);
                }
            }
        } else if (addOrRemove == NwConstants.DEL_FLOW) {
            Set<BigInteger> remoteAclDpns = new HashSet<>();
            Map<String, Set<AclInterface>> mapAclWithPortSet = aclDataUtil.getRemoteAclInterfaces(remoteAclId, this.direction);
            if (mapAclWithPortSet != null) {
                Map<String, Set<AclInterface>> copyOfMapAclWithPortSet = new HashMap<>(mapAclWithPortSet);
                copyOfMapAclWithPortSet.remove(aclName);
                remoteAclDpns = collectDpns(copyOfMapAclWithPortSet);
            }
            Set<BigInteger> dpnsToOperate = new HashSet<>(dpns);
            dpnsToOperate.removeAll(remoteAclDpns);
            LOG.debug("Deleting flows in Remote ACL table for remoteAclId={}, direction={}, dpnsToOperate={}, " + "remoteAclDpns={}, dpns={}", remoteAclId.getValue(), directionString, dpnsToOperate, remoteAclDpns, dpns);
            for (BigInteger dpn : dpnsToOperate) {
                for (AllowedAddressPairs aap : aaps) {
                    programRemoteAclTableFlow(dpn, aclTag, aap, addOrRemove);
                }
            }
        }
    }
}

Example 22 with AllowedAddressPairs

use of org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.AllowedAddressPairs in project netvirt by opendaylight.

the class AbstractAclServiceImpl method updateRemoteAclFilterTable.

private void updateRemoteAclFilterTable(AclInterface port, List<Uuid> aclList, List<AllowedAddressPairs> aaps, int addOrRemove) {
    if (aclList == null) {
        LOG.debug("Port {} without SGs", port.getInterfaceId());
        return;
    }
    String portId = port.getInterfaceId();
    LOG.trace("updateRemoteAclFilterTable for portId={}, aclList={}, aaps={}, addOrRemove={}", portId, aclList, aaps, addOrRemove);
    for (Uuid aclId : aclList) {
        if (aclDataUtil.getRemoteAcl(aclId, this.direction) != null) {
            Integer aclTag = aclServiceUtils.getAclTag(aclId);
            if (addOrRemove == NwConstants.ADD_FLOW) {
                syncRemoteAclTable(portId, aclId, aclTag, aaps, addOrRemove);
            } else if (addOrRemove == NwConstants.DEL_FLOW) {
                // look-ups for AclPortsLookup data.
                synchronized (aclId.getValue().intern()) {
                    syncRemoteAclTable(portId, aclId, aclTag, aaps, addOrRemove);
                }
            }
        }
    }
    Set<Uuid> remoteAclIds = aclServiceUtils.getRemoteAclIdsByDirection(aclList, direction);
    for (Uuid remoteAclId : remoteAclIds) {
        syncRemoteAclTableFromOtherDpns(port, remoteAclId, addOrRemove);
    }
}

Example 23 with AllowedAddressPairs

use of org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.AllowedAddressPairs in project netvirt by opendaylight.

the class AclServiceTestBaseIPv6 method setUpData.

@Override
protected void setUpData() throws Exception {
    newElan(ELAN, ELAN_TAG);
    newElanInterface(ELAN, PORT_1, true);
    newElanInterface(ELAN, PORT_2, true);
    newElanInterface(ELAN, PORT_3, true);
    final AllowedAddressPairs aapPort1 = buildAap(IPv6_PREFIX_1, PORT_MAC_1);
    final AllowedAddressPairs aapPort2 = buildAap(IPv6_PREFIX_2, PORT_MAC_2);
    final AllowedAddressPairs aapPort3 = buildAap(IPv6_PREFIX_3, PORT_MAC_3);
    newAllowedAddressPair(PORT_1, Arrays.asList(SG_UUID_1), Arrays.asList(aapPort1));
    newAllowedAddressPair(PORT_2, Arrays.asList(SG_UUID_1), Arrays.asList(aapPort2));
    newAllowedAddressPair(PORT_3, Arrays.asList(SG_UUID_1, SG_UUID_2), Arrays.asList(aapPort3));
}

Example 24 with AllowedAddressPairs

use of org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.AllowedAddressPairs in project netvirt by opendaylight.

the class NeutronvpnUtils method getAclAllowedAddressPairs.

/**
 * Gets the acl allowed address pairs.
 *
 * @param macAddress the mac address
 * @param ipAddress the ip address
 * @return the acl allowed address pairs
 */
protected static AllowedAddressPairs getAclAllowedAddressPairs(MacAddress macAddress, org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.types.rev160517.IpPrefixOrAddress ipAddress) {
    AllowedAddressPairsBuilder aclAllowedAdressPairBuilder = new AllowedAddressPairsBuilder();
    aclAllowedAdressPairBuilder.setMacAddress(macAddress);
    if (ipAddress != null && ipAddress.getValue() != null) {
        if (ipAddress.getIpPrefix() != null) {
            aclAllowedAdressPairBuilder.setIpAddress(new IpPrefixOrAddress(ipAddress.getIpPrefix()));
        } else {
            aclAllowedAdressPairBuilder.setIpAddress(new IpPrefixOrAddress(ipAddress.getIpAddress()));
        }
    }
    return aclAllowedAdressPairBuilder.build();
}

Example 25 with AllowedAddressPairs

use of org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.AllowedAddressPairs in project netvirt by opendaylight.

the class NeutronPortChangeListener method handlePortSecurityUpdated.

private static InterfaceAclBuilder handlePortSecurityUpdated(Port portOriginal, Port portUpdated, boolean origSecurityEnabled, boolean updatedSecurityEnabled, InterfaceBuilder interfaceBuilder) {
    InterfaceAclBuilder interfaceAclBuilder = null;
    if (origSecurityEnabled != updatedSecurityEnabled) {
        interfaceAclBuilder = new InterfaceAclBuilder();
        interfaceAclBuilder.setPortSecurityEnabled(updatedSecurityEnabled);
        if (updatedSecurityEnabled) {
            // Handle security group enabled
            NeutronvpnUtils.populateInterfaceAclBuilder(interfaceAclBuilder, portUpdated);
        } else {
            // Handle security group disabled
            interfaceAclBuilder.setSecurityGroups(new ArrayList<>());
            interfaceAclBuilder.setAllowedAddressPairs(new ArrayList<>());
        }
    } else {
        if (updatedSecurityEnabled) {
            // handle SG add/delete delta
            InterfaceAcl interfaceAcl = interfaceBuilder.getAugmentation(InterfaceAcl.class);
            interfaceAclBuilder = new InterfaceAclBuilder(interfaceAcl);
            interfaceAclBuilder.setSecurityGroups(NeutronvpnUtils.getUpdatedSecurityGroups(interfaceAcl.getSecurityGroups(), portOriginal.getSecurityGroups(), portUpdated.getSecurityGroups()));
            List<AllowedAddressPairs> updatedAddressPairs = NeutronvpnUtils.getUpdatedAllowedAddressPairs(interfaceAcl.getAllowedAddressPairs(), portOriginal.getAllowedAddressPairs(), portUpdated.getAllowedAddressPairs());
            interfaceAclBuilder.setAllowedAddressPairs(NeutronvpnUtils.getAllowedAddressPairsForFixedIps(updatedAddressPairs, portOriginal.getMacAddress(), portOriginal.getFixedIps(), portUpdated.getFixedIps()));
        }
    }
    return interfaceAclBuilder;
}